Dynamic VTI Easy VPN

The document describes the configuration of a Cisco 7206 router to serve as a Dynamic Virtual Tunnel Interface (DVTI) Easy VPN server. The server aggregates IPsec remote access connections from Cisco VPN clients and routers. Key configurations include IKE policies, IPsec profiles, virtual template interface, and IP address pools to assign addresses to connected clients. Verification shows a DVTI interface configured and routes added for connected clients.

Uploaded by

jamalnizam

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

345 views

Dynamic VTI Easy VPN

Uploaded by

jamalnizam

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 2

Example: Dynamic Virtual Tunnel Interface Easy VPN Server

The following example illustrates the use of the DVTI Easy VPN server, which serves as an IPsec remote access
aggregator. The client can be a home user running a Cisco VPN client or a Cisco IOS router configured as an Easy
VPN client.
Cisco 7206 Router Configuration

hostname cisco 7206

!
aaa new-model
aaa authentication login local_list local
aaa authorization network local_list local
aaa session-id common
!
ip subnet-zero
ip cef
!
username cisco password 0 cisco123
!
controller ISA 1/1
!
crypto isakmp policy 1
encr aes
authentication pre-share
group 14
!
crypto isakmp client configuration group group1
key cisco123
pool group1pool
save-password
!
crypto isakmp profile vpn1-ra
match identity group group1
client authentication list local_list
isakmp authorization list local_list
client configuration address respond
virtual-template 1
!
crypto ipsec transform-set VTI-TS esp-aes esp-sha-hmac
!
crypto ipsec profile test-vti1
set transform-set VTI-TS
!
interface GigabitEthernet0/1
description Internet Connection
ip address 172.18.143.246 255.255.255.0
!
interface GigabitEthernet0/2
description Internal Network
ip address 10.2.1.1 255.255.255.0
!
interface Virtual-Template1 type tunnel
ip unnumbered GigabitEthernet0/1
ip virtual-reassembly

tunnel mode ipsec ipv4

tunnel protection ipsec profile test-vti1
!
ip local pool group1pool 192.168.1.1 192.168.1.4
ip classless
ip route 0.0.0.0 0.0.0.0 172.18.143.1
!
end

Example: Verifying the Results for the Dynamic Virtual Tunnel Interface Easy VPN Server
Example: Verifying the Results for the Dynamic Virtual Tunnel Interface Easy VPN Server
The following examples show that a DVTI has been configured for an Easy VPN server.

Router# show running-config interface Virtual-Access2

Building configuration...
Current configuration : 250 bytes
!
interface Virtual-Access2
ip unnumbered GigabitEthernet0/1
ip virtual-reassembly
tunnel source 172.18.143.246
tunnel destination 172.18.143.208
tunnel mode ipsec ipv4
tunnel protection ipsec profile test-vti1
no tunnel protection ipsec initiate
end
Router# show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS
level-2
ia - IS-IS inter area, * - candidate default, U - per-user
static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.2.1.10 to network 0.0.0.0
172.18.0.0/24 is subnetted, 1 subnets
C
172.18.143.0 is directly connected, GigabitEthernet0/1
192.168.1.0/32 is subnetted, 1 subnets
S
192.168.1.1 [1/0] via 0.0.0.0, Virtual-Access2
10.0.0.0/24 is subnetted, 1 subnets
C
10.2.1.0 is directly connected, GigabitEthernet0/2
S*
0.0.0.0/0 [1/0] via 172.18.143.1

75 Duas From The Quran
92% (220)
75 Duas From The Quran
23 pages
JN0-363 Exam - Free Actual Q&as, Full Ultimo
No ratings yet
JN0-363 Exam - Free Actual Q&as, Full Ultimo
73 pages
Subnet Mask Subnet Bits Subnets Host Bits Hosts: (Restful Api)
80% (10)
Subnet Mask Subnet Bits Subnets Host Bits Hosts: (Restful Api)
4 pages
CCNP Cheat Sheets
100% (3)
CCNP Cheat Sheets
29 pages
Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
From Everand
Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
Redouane MEDDANE
No ratings yet
CCNA Whiteboard Study Tool
50% (2)
CCNA Whiteboard Study Tool
4 pages
Loadbalance PCC 3 Isp Mikrotik v7.5
No ratings yet
Loadbalance PCC 3 Isp Mikrotik v7.5
4 pages
CCNA Cheat Sheet
100% (1)
CCNA Cheat Sheet
1 page
Ccnpv7 Tshoot Skills Assessment - Student
70% (10)
Ccnpv7 Tshoot Skills Assessment - Student
13 pages
Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3
From Everand
Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3
Ramon Nastase
4.5/5 (2)
Visio-SNMP Cheat Sheet V1
No ratings yet
Visio-SNMP Cheat Sheet V1
1 page
Configuring Dynamic Multi Point VPN (DMVPN) Using GRE Over IPSec Between Multiple Routers
No ratings yet
Configuring Dynamic Multi Point VPN (DMVPN) Using GRE Over IPSec Between Multiple Routers
22 pages
Cisco - Configuring A Virtual Tunnel Interface With IP Security
No ratings yet
Cisco - Configuring A Virtual Tunnel Interface With IP Security
9 pages
CCIE Security - VPN Study Guide - Dynamic VTI - Local Authentication
No ratings yet
CCIE Security - VPN Study Guide - Dynamic VTI - Local Authentication
10 pages
Help and Shortcut Keys: Basic Configuration - Router & Switch
No ratings yet
Help and Shortcut Keys: Basic Configuration - Router & Switch
2 pages
cisco configuration show connected routes
No ratings yet
cisco configuration show connected routes
2 pages
cisco-sample-config
No ratings yet
cisco-sample-config
5 pages
Après 2
No ratings yet
Après 2
24 pages
routing and ..
No ratings yet
routing and ..
36 pages
MikRoTik VPN Configuration
No ratings yet
MikRoTik VPN Configuration
5 pages
Actividad 2 - Redes Packet Tracer
No ratings yet
Actividad 2 - Redes Packet Tracer
12 pages
Router 1: Router 3:: ! (Basic Configuration For Connection To Internet) ! (Basic Configuration For Connection To Internet)
No ratings yet
Router 1: Router 3:: ! (Basic Configuration For Connection To Internet) ! (Basic Configuration For Connection To Internet)
6 pages
DMVPN and Easy VPN Server With ISAKMP Profiles Configuration Example
No ratings yet
DMVPN and Easy VPN Server With ISAKMP Profiles Configuration Example
16 pages
Interop
No ratings yet
Interop
6 pages
Router Vpnclient Pi Stick
No ratings yet
Router Vpnclient Pi Stick
10 pages
layer-3_exercises
No ratings yet
layer-3_exercises
16 pages
Ateeq Ios
No ratings yet
Ateeq Ios
9 pages
Cisco Switch Configuration
No ratings yet
Cisco Switch Configuration
10 pages
Vxlan Evpn Notes
No ratings yet
Vxlan Evpn Notes
27 pages
Setting Up DHCP On A Cisco Router
No ratings yet
Setting Up DHCP On A Cisco Router
5 pages
Chapter 4.1 Networking
No ratings yet
Chapter 4.1 Networking
32 pages
Yasser Auda CCIEv5 Workbook
No ratings yet
Yasser Auda CCIEv5 Workbook
26 pages
Dynamic Point To Point IPSEC VPN Tunnels Using DTVIs (GNS3 Lab)
No ratings yet
Dynamic Point To Point IPSEC VPN Tunnels Using DTVIs (GNS3 Lab)
5 pages
EZVPN Configuration Example PDF
No ratings yet
EZVPN Configuration Example PDF
18 pages
dc2 n7k1
No ratings yet
dc2 n7k1
5 pages
CCNA 2023 Final
No ratings yet
CCNA 2023 Final
222 pages
CCENT Cheatsheet
100% (2)
CCENT Cheatsheet
13 pages
01 Cyber Security Interview Topics Related Networking
No ratings yet
01 Cyber Security Interview Topics Related Networking
5 pages
Learn More About ACI Packet Forwarding and Prevent Unforeseen Issues
No ratings yet
Learn More About ACI Packet Forwarding and Prevent Unforeseen Issues
62 pages
3.4.2.6 Lab - Configuring A Point-To-Point GRE VPN Tunnel
100% (1)
3.4.2.6 Lab - Configuring A Point-To-Point GRE VPN Tunnel
7 pages
L 2 TPV 3
No ratings yet
L 2 TPV 3
6 pages
Ccnpv7 Route Lab7-2 BGP As Path Instructor
0% (2)
Ccnpv7 Route Lab7-2 BGP As Path Instructor
11 pages
Step by Step Configure Router Vyata 6.5.10
No ratings yet
Step by Step Configure Router Vyata 6.5.10
23 pages
CCN A Training
No ratings yet
CCN A Training
5 pages
S13.s2 - Guia de VPN - IPSec - Acceso Remoto
No ratings yet
S13.s2 - Guia de VPN - IPSec - Acceso Remoto
17 pages
Group 2 and 3 - Lab 5
No ratings yet
Group 2 and 3 - Lab 5
51 pages
ICND1 Boson ExSim Test Review
No ratings yet
ICND1 Boson ExSim Test Review
19 pages
8.7.1.3 Lab - (Optional) Configuring A Remote Access VPN Server and Client - Instructor
No ratings yet
8.7.1.3 Lab - (Optional) Configuring A Remote Access VPN Server and Client - Instructor
30 pages
Configure A Site-To-Site UsingVTI On ASA
No ratings yet
Configure A Site-To-Site UsingVTI On ASA
6 pages
Infocomtech4 Skills Exam1 Syntax 2
No ratings yet
Infocomtech4 Skills Exam1 Syntax 2
8 pages
MobaXterm R1 20240206 091919
No ratings yet
MobaXterm R1 20240206 091919
5 pages
Flexvpn:: Created by Ahmad Ali E-Mail:, Mobile: 056 430 3717
No ratings yet
Flexvpn:: Created by Ahmad Ali E-Mail:, Mobile: 056 430 3717
18 pages
N3 8400 Backup
No ratings yet
N3 8400 Backup
7 pages
Sem 3 - Configration
No ratings yet
Sem 3 - Configration
6 pages
Cisco Steps
No ratings yet
Cisco Steps
15 pages
Booting Up The Router and Locating The Cisco IOS
No ratings yet
Booting Up The Router and Locating The Cisco IOS
9 pages
Ipsec Feat
No ratings yet
Ipsec Feat
19 pages
7.2.2.5 Lab - Configuring A Point-To-Point GRE VPN Tunnel - ILM
100% (11)
7.2.2.5 Lab - Configuring A Point-To-Point GRE VPN Tunnel - ILM
16 pages
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
From Everand
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
Mulayam Singh
No ratings yet
CCNA Exam Focus: Study Guide with Practice Tests
From Everand
CCNA Exam Focus: Study Guide with Practice Tests
SUJAN
No ratings yet
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
From Everand
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
Mulayam Singh
No ratings yet
CCNA Certification All-in-One For Dummies
From Everand
CCNA Certification All-in-One For Dummies
Silviu Angelescu
5/5 (1)
Set Up Your Own IPsec VPN, OpenVPN and WireGuard Server: Build Your Own VPN
From Everand
Set Up Your Own IPsec VPN, OpenVPN and WireGuard Server: Build Your Own VPN
Lin Song
5/5 (1)
CCNA Certification Study Guide Volume 2: Exam 200-301 v1.1
From Everand
CCNA Certification Study Guide Volume 2: Exam 200-301 v1.1
Todd Lammle
5/5 (1)
CUCM Video Series Region
No ratings yet
CUCM Video Series Region
9 pages
Ccie SP Tshoot Lab
No ratings yet
Ccie SP Tshoot Lab
49 pages
OSPF
No ratings yet
OSPF
3 pages
Configuring BGP On Cisco Routers Lab Guide 3.2
67% (3)
Configuring BGP On Cisco Routers Lab Guide 3.2
106 pages
Your CCIE Lab Success Strategy
0% (1)
Your CCIE Lab Success Strategy
27 pages
SJ-20110624091725-012 ZXR10 8900&8900E (V3.00.01) Series Switch Configuration Guide (QoS)
No ratings yet
SJ-20110624091725-012 ZXR10 8900&8900E (V3.00.01) Series Switch Configuration Guide (QoS)
49 pages
5. GE ELECT 1 - Networking and Communication
No ratings yet
5. GE ELECT 1 - Networking and Communication
4 pages
TVL - CSS12 - Q2 - M4
No ratings yet
TVL - CSS12 - Q2 - M4
10 pages
Presentation On Mobile IP: Presented By:-Kapil Chhaji Dept. of Information Technology
No ratings yet
Presentation On Mobile IP: Presented By:-Kapil Chhaji Dept. of Information Technology
13 pages
REVIEW QUESTIONS System Administration
No ratings yet
REVIEW QUESTIONS System Administration
2 pages
Cisco Press - Configuring BGP
No ratings yet
Cisco Press - Configuring BGP
52 pages
SonicOS 6.5 System Setup PDF
No ratings yet
SonicOS 6.5 System Setup PDF
903 pages
CCNA 1 Practice Final Exam V4
50% (2)
CCNA 1 Practice Final Exam V4
27 pages
n10-008-08 - Explaining Network Topologies and Types
No ratings yet
n10-008-08 - Explaining Network Topologies and Types
27 pages
Using Policy-Based Ipsec VPN For Communication Between Offices
No ratings yet
Using Policy-Based Ipsec VPN For Communication Between Offices
7 pages
LESSON 1 Understanding Network Devices
No ratings yet
LESSON 1 Understanding Network Devices
24 pages
Manual ZTE ZXCTN-6200-V11 20090825 EN V1
No ratings yet
Manual ZTE ZXCTN-6200-V11 20090825 EN V1
73 pages
Azure Lab 4 Manage Networks in The Cloud
No ratings yet
Azure Lab 4 Manage Networks in The Cloud
2 pages
HC120115000 OSPF Protocol Basics
No ratings yet
HC120115000 OSPF Protocol Basics
38 pages
Command_of_Cisco_Router_Basic__1733241102
No ratings yet
Command_of_Cisco_Router_Basic__1733241102
7 pages
CCST Networking - Module 3 Quiz
No ratings yet
CCST Networking - Module 3 Quiz
5 pages
RoIP 302M
No ratings yet
RoIP 302M
4 pages
Servers
No ratings yet
Servers
39 pages
CCNP ENARSI v4.0 (5 Nov 2021)
No ratings yet
CCNP ENARSI v4.0 (5 Nov 2021)
198 pages
Fenomena Trending Topic Di Twitter Anali b2b21b0b
No ratings yet
Fenomena Trending Topic Di Twitter Anali b2b21b0b
17 pages
08 QinQ Configuration
No ratings yet
08 QinQ Configuration
11 pages
TCP Ip
No ratings yet
TCP Ip
6 pages
Assignment On Network Services and Technologies
No ratings yet
Assignment On Network Services and Technologies
5 pages
Social Media by Rose Landaverde
No ratings yet
Social Media by Rose Landaverde
38 pages
IP Addressing
No ratings yet
IP Addressing
37 pages
Mikrotik Limit Download
No ratings yet
Mikrotik Limit Download
1 page
Grade 9 Ig-Paper 2-Insert..
No ratings yet
Grade 9 Ig-Paper 2-Insert..
4 pages
HG8010H Datasheet
100% (1)
HG8010H Datasheet
2 pages

Dynamic VTI Easy VPN

Uploaded by

Dynamic VTI Easy VPN

Uploaded by

Example: Dynamic Virtual Tunnel Interface Easy VPN Server

hostname cisco 7206

tunnel mode ipsec ipv4

Router# show running-config interface Virtual-Access2

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

You might also like